Identity & Access Python Okta API

Okta App Access Auditor

A dashboard that shows exactly which users have access to which Okta applications — filterable by app, department, or user status. Generates clean CSV reports for compliance reviews and flags stale access that shouldn't still be active.

500+
Users covered
40+
Apps audited
Instant
Export to CSV

Access reviews shouldn't require a spreadsheet marathon

Access reviews are a standard part of any security or compliance program — SOC 2, ISO 27001, internal audits — and they all ask the same question: who has access to what, and should they? In Okta, answering this question meant either clicking through each application's user list manually, or writing custom API queries every time.

Neither was sustainable. With 40+ apps and 500+ users, a full access audit could take half a day. And the output was inconsistent depending on who did it. The team needed a single place to see the full picture.

One dashboard, full visibility

The tool pulls all app assignments from the Okta API, enriches each record with user department and status, and presents a filterable dashboard. Every view is exportable to CSV in one click.

01
Pull all app assignments
Queries the Okta API for all application assignments across the tenant — both individual user assignments and group-based assignments. Group memberships are expanded so you see every user who effectively has access, not just direct assignments.
02
Enrich with user context
For each assignment, the tool fetches the user's department, job title, manager, account status (active, suspended, deactivated), and last login date. This context is what makes the audit useful — you can immediately see if a suspended user still has app access.
03
Surface stale access
Automatically flags assignments where the user is deactivated or suspended, users who haven't logged into an app in 90+ days, and users assigned to apps outside their department scope. Each flag is categorised by severity.
04
Filter and export
The dashboard lets you filter by application, department, user status, or flag type. Any filtered view can be exported to a timestamped CSV — formatted for compliance submissions or internal review docs.
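
The flagging and export steps described above, sketched as an added example (not the project's own code). It works on already-enriched records instead of calling the Okta API; the record fields, severity mapping, department scope map, app names and sample users are constructed assumptions.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

STALE_AFTER = timedelta(days=90)           # the page's "90+ days" threshold
INACTIVE = {"SUSPENDED", "DEPROVISIONED"}  # Okta statuses: suspended / deactivated
# Assumed, not from the page: severity per flag and allowed departments per app.
SEVERITY = {"inactive_user": "high", "no_recent_login": "medium", "out_of_scope": "low"}
APP_SCOPE = {"AWS Prod": {"Engineering"}, "NetSuite": {"Finance"}}
FIELDS = ["user", "app", "department", "status", "last_login", "flag", "severity"]
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed "today" for the sample

# Constructed sample: assignments already group-expanded and enriched (steps 01-02).
ASSIGNMENTS = [
    {"user": "a.cohen", "app": "AWS Prod", "department": "Engineering",
     "status": "ACTIVE", "last_login": "2024-05-28T09:00:00+00:00"},
    {"user": "b.levi", "app": "AWS Prod", "department": "Engineering",
     "status": "DEPROVISIONED", "last_login": "2024-01-10T08:00:00+00:00"},
    {"user": "c.mizrahi", "app": "NetSuite", "department": "Marketing",
     "status": "ACTIVE", "last_login": None},
]

def flag_assignment(rec, now):
    """Return the flag names that apply to one enriched assignment record."""
    flags = []
    if rec["status"] in INACTIVE:
        flags.append("inactive_user")
    last = rec["last_login"]
    # Assumption: a user with no recorded login is treated as stale.
    if last is None or now - datetime.fromisoformat(last) >= STALE_AFTER:
        flags.append("no_recent_login")
    allowed = APP_SCOPE.get(rec["app"])  # apps missing from the map are not scope-checked
    if allowed is not None and rec["department"] not in allowed:
        flags.append("out_of_scope")
    return flags

def audit(assignments, now):
    """One row per (assignment, flag), highest severity first, then by user."""
    order = {"high": 0, "medium": 1, "low": 2}
    rows = [{**rec, "flag": flag, "severity": SEVERITY[flag]}
            for rec in assignments for flag in flag_assignment(rec, now)]
    return sorted(rows, key=lambda row: (order[row["severity"]], row["user"]))

def to_csv(rows):
    """Serialise flagged rows to CSV text; a missing last_login becomes an empty cell."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS)
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()
```

Calling `to_csv(audit(ASSIGNMENTS, NOW))` yields one CSV line per flag, so a deactivated user who is also past the login threshold appears twice, once at each severity.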

Built with

Python
Backend & data layer
Flask
Web framework
Okta API
App & user data
Pandas
Data processing
HTML / CSS / JS
Dashboard UI
CSV Export
Compliance output

The result

Access reviews that previously took 4–5 hours now complete in under 30 minutes. The compliance team runs the tool before every quarterly review and submits the generated CSVs directly as audit evidence.

The first run of the tool identified 23 stale app assignments — users who had left their roles or the company but still had active access to production tools. All were remediated the same day.

Izzi Renan
IT Systems Administrator at Forter. Managing Okta, Google Workspace, and Jamf Pro for 500+ users across EMEA, APAC, and Israel. 10 years in IT.